Websense is another such product.
> -----Original Message-----
> From: Chuck Larrieu [mailto:[EMAIL PROTECTED]]
> Sent: Friday, December 08, 2000 9:29 AM
> To: Eddie Parra; Patrick Bass; [EMAIL PROTECTED]
> Subject: RE: Napster block
>
>
> As part of some research I have been doing to address some
> issues I have
> with a particular customer security design, I've been
> spending a bit of time
> at www.trusecure.com , and the related interests Information Security
> Magazine and the ICSA test labs.
>
> What I have read there leads me to believe that it is damn
> near impossible
> to enforce any kind of real complex security policy on a
> purely hardware
> based firewall.
>
> Too many bad things are starting to happen using ports 20,
> 21, 25, 53, and
> 80 - all ports that in general must be left open for
> legitimate company web
> use. For good reasons and evil, app developers are now
> writing their apps to
> use these ports, rather than leave them for their intended purposes.
>
> There are a couple of companies that offer server based software that
> inspect and block forbidden sites and content. I believe one of the
> companies offering such a product is WebSecure. Sorry, I can't find my
> literature that I picked up at Networkers.
>
> But the point is that in order to stop any number of services
> that violate
> policy, it is no longer enough to try to block a couple of ports.
>
> Chuck
>
>
> -----Original Message-----
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On
> Behalf Of
> Eddie Parra
> Sent: Friday, December 08, 2000 8:52 AM
> To: Patrick Bass; [EMAIL PROTECTED]
> Subject: RE: Napster block
>
> How did you do that? Napster isn't port based... Napster
> can use ANY TCP
> port? You can set the Napster client to port 80 (HTTP) and
> it works fine.
>
> -Eddie
>
> -----Original Message-----
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
> Patrick Bass
> Sent: Friday, December 08, 2000 9:35 AM
> To: [EMAIL PROTECTED]
> Subject: Re: Napster block
>
>
> Which firewall are you using? I've blocked my users from
> napster using the
> PIX outbound command.
>
>
> ""Dave Malik"" <[EMAIL PROTECTED]> wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > <html><DIV>Does anyone know what TCP or UDP ports need to
> be blocked on a
> firewall to prevent users on a network from accessing Napster??</DIV>
> > <DIV> </DIV>
> > <DIV>Any comments would be appreciated.</DIV>
> > <DIV> </DIV>
> > <DIV>Regards,</DIV>
> > <DIV>Dave</DIV>
> > <DIV> </DIV><br clear=all><hr>Get more from the Web. FREE MSN
> Explorer download : <a
> href="http://explorer.msn.com">http://explorer.msn.com</a><br>
> </p></html>
> >
> > _________________________________
> > FAQ, list archives, and subscription info:
> http://www.groupstudy.com/list/cisco.html
> > Report misconduct and Nondisclosure violations to
> [EMAIL PROTECTED]
> >
>
>
> _________________________________
> FAQ, list archives, and subscription info:
> http://www.groupstudy.com/list/cisco.html
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>
> _________________________________
> FAQ, list archives, and subscription info:
> http://www.groupstudy.com/list/cisco.html
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>
> _________________________________
> FAQ, list archives, and subscription info:
> http://www.groupstudy.com/list/cisco.html
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>
_________________________________
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
